INTRODUCTION

Why Write a Book about Cybersecurity and Cyberwar?

Why Is There a Cybersecurity Knowledge Gap, and Why Does It Matter?

How Did You Go About Writing the Book and What Do You Hope to Accomplish?

PART I: HOW IT ALL WORKS

The World Wide What? Defining Cyberspace

Where Did This “Cyber Stuff” Come from Anyway? A Short History of the Internet?

How Does the Internet Actually Work?

Who Runs It? Understanding Internet Governance

On the Internet, How Do They Know Whether You Are a Dog? Identity and Authentication

What Do We Mean by “Security” Anyway?

What Are the Threats?

One Phish, Two Phish, Red Phish, Cyber Phish: What Are Vulnerabilities

How Do We Trust in Cyberspace?

Focus: What Happened in WikiLeaks?

What Is an Advanced Persistent Threat (APT)?

How Do We Keep the Bad Guys Out? The Basics of Computer Defense

Who Is the Weakest Link? Human Factors

Part II: WHY IT MATTERS

What Is the Meaning of Cyberattack? The Importance of Terms and Frameworks

Whodunit? The Problem of Attribution

What Is Hactivism?

Focus: Who Is Anonymous?

The Crimes of Tomorrow, Today: What Is Cybercrime?

Shady RATs and Cyberspies: What Is Cyberespionage?

How Afraid Should We Be of Cyberterrorism?

So How Do Terrorists Actually Use the Web?

What about Cyber Counterterrorism?

Security Risk or Human Right? Foreign Policy and the Internet

Focus: What Is Tor and Why Does Peeling Back the Onion Matter?

Who Are Patriotic Hackers?

Focus: What Was Stuxnet?

What Is the Hidden Lesson of Stuxnet? The Ethics of Cyberweapons

“Cyberwar, Ugh, What Are Zeros and Ones Good For?” Defining Cyberwar

A War by Any Other Name? The Legal Side of Cyber Conflict

What Might a “Cyberwar” Actually Look Like? Computer Network Operations?

Focus: What Is the US Military Approach to Cyberwar?

Focus: What Is the Chinese Approach to Cyberwar?

What about Deterrence in an Era of Cyberwar?

Why Is Threat Assessment So Hard in Cyberspace?

Does the Cybersecurity World Favor the Weak or the Strong?

Who Has the Advantage, the Offense or the Defense?

A New Kind of Arms Race: What Are the Dangers of Cyber Proliferation?

Are There Lessons from Past Arms Races?

Behind the Scenes: Is There a Cyber-Industrial Complex?

PART III: WHAT CAN WE DO?

Don’t Get Fooled: Why Can’t We Just Build a New, More Secure Internet?

Rethink Security: What Is Resilience, and Why Is It Important?

Reframe the Problem (and the Solution): What Can We Learn from Public Health?

Learn from History: What Can (Real) Pirates Teach Us about Cybersecurity?

Protect World Wide Governance for the World Wide Web: What Is the Role of International Institutions?

“Graft” the Rule of Law: Do We Need a Cyberspace Treaty?

Understand the Limits of the State in Cyberspace: Why Can’t the Government Handle It?

Rethink Government’s Role: How Can We Better Organize for Cybersecurity?

Approach It as a Public-Private Problem: How Do We Better Coordinate Defense?

Exercise Is Good for You: How Can We Better Prepare for Cyber Incidents?

Build Cybersecurity Incentives: Why Should I Do What You Want?

Learn to Share: How Can We Better Collaborate on Information?

Demand Disclosure: What Is the Role of Transparency?

Get “Vigorous” about Responsibility: How Can We Create Accountability for Security?

Find the IT Crowd: How Do We Solve the Cyber People Problem?

Do Your Part: How Can I Protect Myself (and the Internet)?

CONCLUSIONS

Where Is Cybersecurity Headed Next?

What Do I Really Need to Know in the End?